author | Peter Wu <peter@lekensteyn.nl> | 2014-07-06 15:34:38 +0200 |
---|---|---|
committer | Evan Huus <eapache@gmail.com> | 2014-07-06 23:00:40 +0000 |
commit | f2b4daf4005d60eef7e34e2e6ebf4fe487d3c255 (patch) | |
tree | 1fac15d7bcbc381c5e0a3a6602e7edd20e574e39 /epan/dfilter | |
parent | ec6a22dc3ba8e2d438b34d892d6a40e1be2a28f2 (diff) |
Add printf-format annotations, fix garbage
The WRETH dissector showed up some garbage in the column display. Upon
further inspection, it turns out that the format string had a trailing
percent sign which caused (unsigned)-1 to be returned by
g_printf_string_upper_bound (in emem_strdup_vprintf). Then ep_alloc is
called with (unsigned)-1 + 1 = 0 memory, no wonder that garbage shows
up. ASAN could not even catch this error because EP is in charge of
this.
So, start adding G_GNUC_PRINTF annotations in each header that uses
the "fmt" or "format" parameters (grepped + awk). This revealed some
other errors. The NCP2222 dissector was missing a format string (not
a security vuln though).
Many dissectors used val_to_str with a constant (but empty) string,
these have been replaced by val_to_str_const. ASN.1 dissectors
were regenerated for this.
Minor: the mate plugin used "%X" instead of "%p" for a pointer type.
The ncp2222 dissector and wimax plugin gained modelines.
Change-Id: I7f3f6a3136116f9b251719830a39a7b21646f622
Reviewed-on: https://code.wireshark.org/review/2881
Reviewed-by: Evan Huus <eapache@gmail.com>
Diffstat (limited to 'epan/dfilter')
-rw-r--r-- | epan/dfilter/dfilter-int.h | 2 | ||||
-rw-r--r-- | epan/dfilter/grammar.lemon | 4 | ||||
-rw-r--r-- | epan/dfilter/semcheck.c | 10 |
3 files changed, 8 insertions, 8 deletions
diff --git a/epan/dfilter/dfilter-int.h b/epan/dfilter/dfilter-int.h
index 1b1018e7ad..8a7511de05 100644
--- a/epan/dfilter/dfilter-int.h
+++ b/epan/dfilter/dfilter-int.h
@@ -68,7 +68,7 @@ extern stnode_t *df_lval;
 /* Set dfilter_error_msg_buf and dfilter_error_msg */
 void
-dfilter_fail(const char *format, ...);
+dfilter_fail(const char *format, ...) G_GNUC_PRINTF(1, 2);
 void DfilterTrace(FILE *TraceFILE, char *zTracePrompt);
diff --git a/epan/dfilter/grammar.lemon b/epan/dfilter/grammar.lemon
index 84803cd393..a9856127e6 100644
--- a/epan/dfilter/grammar.lemon
+++ b/epan/dfilter/grammar.lemon
@@ -81,11 +81,11 @@ any "error" symbols are shifted, if possible. */
 break;
 case STTYPE_STRING:
 dfilter_fail("The string \"%s\" was unexpected in this context.",
- stnode_data(TOKEN));
+ (char *)stnode_data(TOKEN));
 break;
 case STTYPE_UNPARSED:
 dfilter_fail("\"%s\" was unexpected in this context.",
- stnode_data(TOKEN));
+ (char *)stnode_data(TOKEN));
 break;
 case STTYPE_INTEGER:
 dfilter_fail("The integer %d was unexpected in this context.",
diff --git a/epan/dfilter/semcheck.c b/epan/dfilter/semcheck.c
index c76859dc28..8e1d9b5bf6 100644
--- a/epan/dfilter/semcheck.c
+++ b/epan/dfilter/semcheck.c
@@ -358,7 +358,7 @@ check_exists(stnode_t *st_arg1)
 case STTYPE_STRING:
 case STTYPE_UNPARSED:
 dfilter_fail("\"%s\" is neither a field nor a protocol name.",
- stnode_data(st_arg1));
+ (char *)stnode_data(st_arg1));
 THROW(TypeError);
 break;
@@ -730,8 +730,8 @@ check_relation_LHS_STRING(const char* relation_string,
 else if (type2 == STTYPE_STRING || type2 == STTYPE_UNPARSED) {
 /* Well now that's silly... */
 dfilter_fail("Neither \"%s\" nor \"%s\" are field or protocol names.",
- stnode_data(st_arg1),
- stnode_data(st_arg2));
+ (char *)stnode_data(st_arg1),
+ (char *)stnode_data(st_arg2));
 THROW(TypeError);
 }
 else if (type2 == STTYPE_RANGE) {
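Review bot: The annotation added to `dfilter_fail` only checks calls whose format is a string literal, and the one-line comment above the prototype does not state that contract. Display-filter text comes from the user, so I would extend the comment to something like `/* Set dfilter_error_msg_buf and dfilter_error_msg. 'format' must be a literal; pass filter text as a "%s" argument, never as the format itself. */`. Whether a non-literal format is reported at all depends on the build's warning flags (`-Wformat-security` / `-Wformat-nonliteral` in GCC and Clang), which are not visible on this page.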
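Review bot: The `(char *)` casts in the `STTYPE_STRING` and `STTYPE_UNPARSED` arms satisfy the new format check but are themselves unchecked, so the case label is now the only thing guaranteeing that the node's data really is a NUL-terminated string. Since the value is only read, `(const char *)stnode_data(TOKEN)` states the intent better, and a short comment that the cast is valid only for these two node types would help the next reader. If `stnode_data` can return NULL for such a node (its definition is not on this page), `%s` would receive a null pointer, which is worth ruling out. The same applies to the casts in `check_exists`, `check_relation_LHS_STRING` and `check_relation_LHS_UNPARSED` in semcheck.c. The switch starts and ends outside the hunk.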
@@ -819,8 +819,8 @@ check_relation_LHS_UNPARSED(const char* relation_string,
 else if (type2 == STTYPE_STRING || type2 == STTYPE_UNPARSED) {
 /* Well now that's silly... */
 dfilter_fail("Neither \"%s\" nor \"%s\" are field or protocol names.",
- stnode_data(st_arg1),
- stnode_data(st_arg2));
+ (char *)stnode_data(st_arg1),
+ (char *)stnode_data(st_arg2));
 THROW(TypeError);
 }
 else if (type2 == STTYPE_RANGE) { |